| View previous topic :: View next topic |
| Author |
Message |
maiku
l33t
Joined: 24 Mar 2004
Posts: 605
Location: Escaping from NY
|
 Posted: Thu Feb 06, 2025 4:12 pm Post subject: luksOpen will not open logical volume during recovery |
 |
|
I finally got around to trying to rebuild the raid from my bum computer.
My old computer used to have
- 4 drives in a RAID5.
- 2 drives in a RAID1.
- The RAID5 drives PLUS a partition from the RAID1 drives fused into a logical volume.
- The volume was then encrypted with luks.
After assembling it the raids, I can get into the root filesystem and see /etc/fstab as well as my /root/.bash_history. I see that I ran this command to decrypt the volume:
| Code: | | cryptsetup luksOpen /dev/mapper/vg-blob crypt-blob |
I have re-created everything on my own computer.
The RAID looks healthy (although I didn't pop in the last device):
| Code: | # cat /proc/mdstat
Personalities : [raid6] [raid5] [raid4] [raid0] [raid1] [raid10]
md124 : active raid1 sdd4[2]
1781430272 blocks super 1.2 [2/1] [_U]
bitmap: 0/14 pages [0KB], 65536KB chunk
md125 : active raid1 sdd1[0]
256896 blocks [2/1] [U_]
md126 : active raid1 sdd3[0]
167782784 blocks [2/1] [U_]
md127 : active raid10 sde1[0] sdf1[3] sdc[2] sdb[1]
3907023872 blocks 64K chunks 2 near-copies [4/4] [UUUU]
unused devices: <none>
|
vgscan finds the volume:
| Code: | # vgscan
WARNING: PV /dev/md127 in VG vg is using an old PV header, modify the VG to update.
WARNING: PV /dev/md124 in VG vg is using an old PV header, modify the VG to update.
Found volume group "vg" using metadata type lvm2
# ls /dev/mapper/
control vg-blob |
BUT I can't open it:
| Code: | # cryptsetup luksOpen /dev/mapper/vg-blob crypt-blob
Device /dev/mapper/vg-blob is not a valid LUKS device. |
And the hexdump is showing there isn't "LUKS" in the header
| Code: | # hexdump -C /dev/mapper/vg-blob | head
00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
0000c000 ec b6 3b 15 b0 68 de 47 96 c5 54 87 58 fd 18 88 |..;..h.G..T.X...|
0000c010 57 d6 e7 ee 04 7f 03 9e 0b 65 bb 1a 38 b8 df 27 |W........e..8..'|
0000c020 0a 4e 91 ac 84 03 00 80 3e 0f 43 8a 00 7c 0c 9b |.N......>.C..|..|
0000c030 31 26 c5 fd 70 f0 22 48 20 a4 c7 30 63 03 f9 d4 |1&..p."H ..0c...|
0000c040 48 52 23 7b 79 28 65 c0 91 aa 72 cc 3b e2 5b 12 |HR#{y(e...r.;.[.|
0000c050 7f fb fd 8d 7e 0c de 6a c8 e3 ee 12 9b a8 07 d2 |....~..j........|
0000c060 ea 0d 2b 0d 7d 17 54 a2 56 d3 20 33 c9 0a 1f f9 |..+.}.T.V. 3....|
0000c070 24 dc a8 2e 45 2f f9 d4 f8 87 2d 37 70 4e 1c 79 |$...E/....-7pN.y|
|
Am I doing the luksOpen wrong? Is it an older version? Am I listing the header wrong?
I see LUKS somewhere on the device:
| Code: | # strings -t d -n 4 /dev/mapper/vg-blob | grep LUKS
2097152 LUKS
|
I'm nervous for my data.
Thank you in in advance for any help.
_________________
Michael |
|
| Back to top |
|
 |
sdauth
l33t
Joined: 19 Sep 2018
Posts: 679
Location: Ásgarðr
|
| Posted: Thu Feb 06, 2025 4:38 pm Post subject: |
|
|
Hello,
What's the output of:
| Code: | | cryptsetup luksDump --debug /dev/mapper/vg-blob |
and luksOpen with debug switch too, maybe it will give you some clues. |
|
| Back to top |
|
|
maiku
l33t
Joined: 24 Mar 2004
Posts: 605
Location: Escaping from NY
|
| Posted: Thu Feb 06, 2025 5:25 pm Post subject: |
|
|
| Code: | # cryptsetup luksDump --debug /dev/mapper/vg-blob
# cryptsetup 2.7.5 processing "cryptsetup luksDump --debug /dev/mapper/vg-blob"
# Verifying parameters for command luksDump.
# Running command luksDump.
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating context for crypt device /dev/mapper/vg-blob.
# Trying to open and read device /dev/mapper/vg-blob with direct-io.
# Detected dm-ioctl version 4.48.0.
# Detected dm-crypt version 1.24.0.
# Device-mapper backend running with UDEV support enabled.
# Direct-io is supported and works.
# Initialising device-mapper backend library.
# Trying to load any crypt type from device /dev/mapper/vg-blob.
# Crypto backend (OpenSSL 3.3.2 3 Sep 2024 [default][legacy][threads][argon2]) initialized in cryptsetup library version 2.7.5.
# Detected kernel Linux 6.6.67-gentoo x86_64.
# Loading LUKS2 header (repair disabled).
# Acquiring read lock for device /dev/mapper/vg-blob.
# Opening lock resource file /run/cryptsetup/L_252:0
# Verifying lock handle for /dev/mapper/vg-blob.
# Device /dev/mapper/vg-blob READ lock taken.
# Trying to read primary LUKS2 header at offset 0x0.
# Opening locked device /dev/mapper/vg-blob
# Verifying locked device handle (bdev)
# Trying to read secondary LUKS2 header at offset 0x4000.
# Reusing open ro fd on device /dev/mapper/vg-blob
# Trying to read secondary LUKS2 header at offset 0x8000.
# Reusing open ro fd on device /dev/mapper/vg-blob
# Trying to read secondary LUKS2 header at offset 0x10000.
# Reusing open ro fd on device /dev/mapper/vg-blob
# Trying to read secondary LUKS2 header at offset 0x20000.
# Reusing open ro fd on device /dev/mapper/vg-blob
# Trying to read secondary LUKS2 header at offset 0x40000.
# Reusing open ro fd on device /dev/mapper/vg-blob
# Trying to read secondary LUKS2 header at offset 0x80000.
# Reusing open ro fd on device /dev/mapper/vg-blob
# Trying to read secondary LUKS2 header at offset 0x100000.
# Reusing open ro fd on device /dev/mapper/vg-blob
# Trying to read secondary LUKS2 header at offset 0x200000.
# Reusing open ro fd on device /dev/mapper/vg-blob
# Trying to read secondary LUKS2 header at offset 0x400000.
# Reusing open ro fd on device /dev/mapper/vg-blob
# LUKS2 header read failed (-22).
# Device /dev/mapper/vg-blob READ lock released.
Device /dev/mapper/vg-blob is not a valid LUKS device.
# Releasing crypt device /dev/mapper/vg-blob context.
# Releasing device-mapper backend.
# Closing read only fd for /dev/mapper/vg-blob.
Command failed with code -1 (wrong or missing parameters).
|
Although I can run
| Code: | | losetup -o 2097152 /dev/loop0 /dev/mapper/vg-blob |
And then I can run | Code: | | cryptsetup luksOpen --readonly /dev/loop0 crypt-blob |
And it'll ask me for a password which was the output from the LUKS search.
I either can't remember the password or it's messed up.
_________________
Michael |
|
| Back to top |
|
|
sdauth
l33t
Joined: 19 Sep 2018
Posts: 679
Location: Ásgarðr
|
| Posted: Thu Feb 06, 2025 6:10 pm Post subject: |
|
|
I wonder if the warning you get when running vgscan is or not related to the header issue with cryptsetup.
| Code: | WARNING: PV /dev/md127 in VG vg is using an old PV header, modify the VG to update.
WARNING: PV /dev/md124 in VG vg is using an old PV header, modify the VG to update. |
Some info here: https://access.redhat.com/solutions/5906681
If you have backup, you could try it but you don't.. it's better idea to wait for more knowledgeable gentoo users than me  |
|
| Back to top |
|
|
maiku
l33t
Joined: 24 Mar 2004
Posts: 605
Location: Escaping from NY
|
| Posted: Fri Feb 07, 2025 2:25 pm Post subject: |
|
|
I got rid of the warning. The LUKS header is still exactly 2MB in offset on the /var/mapper/vg-blob group.
Is that possible that it could be exacltly 2MB in offset? When I used to open the drive I never specified an offset. The passwords I expected to use aren't working to unlock it. So I'm wondering if I forgot the password is there is some corruption somewhere.
_________________
Michael |
|
| Back to top |
|
|
zen_desu
Tux's lil' helper
Joined: 25 Oct 2024
Posts: 136
|
| Posted: Fri Feb 07, 2025 4:27 pm Post subject: |
|
|
An offset suddenly appearing like that would concern me. I'd be making a backup immediately. It may function with the offset but I would imagine if it actually moved the data somehow, something important could have been overridden. My backed up LUKS headers are 16MB so I'm not sure where a 2mb offset could come from
_________________
µgRD dev
Wiki writer |
|
| Back to top |
|
|
maiku
l33t
Joined: 24 Mar 2004
Posts: 605
Location: Escaping from NY
|
| Posted: Fri Feb 07, 2025 4:38 pm Post subject: |
|
|
Joke's on me 'cause I can't open it anyway with the password I expected ain't working with it anyway.
_________________
Michael |
|
| Back to top |
|
|
|
Kernel & Hardware
